Results 1 to 2 of 2

Thread: Problems for NAT FTP client listing directory

  1. #1

    Problems for NAT FTP client listing directory

    Hi all.

    I've got a Fedora Core 4-based firewall/router. I've set up NAT using iptables, and everything seems to be copacetic as far as the clients behind the firewall are concerned.

    The only trouble I've had is with one particular remote FTP server. I've got a WinXP box behind the firewall (duh) that exhibits some odd behavior when connecting to that server.

    1) When I connect using SmartFTP (GUI client), the connection is negotiated, and I can upload files to the default directory. However, I cannot list that directory, it appears empty. The admin of the machine in question says that he can see the files.
    2) When I try the CLI FTP client included with XP, the connection is made again, but the moment I try to list the remote directory, the connection is closed by the remote host.
    3) (and this is the bizarre one) If I use an ftp:// URL in Firefox (on the WinXP machine) to reach the FTP server, it can see the files and navigate around the site fine.
    4) The FTP connection appears to behave normally when connecting from the firewall machine itself via an SSH session.

    I am able to view other FTP servers normally from SmartFTP, it's just this one that behaves strangely. I'm trying to rule out a firewall issue.

    The remote server is Mac OS X Server (10.3.2) based, and that's the only version number given for the FTP client in the welcome banner. (Yes yes, I know, HURR MACS SUCK HURR, please don't bother saying it.)

    Does anyone have any ideas?


  2. #2
    From the network perspective there are two types of FTP, active and passive.

    With passive FTP, both the control and data transfer connections are initiated by the client.

    With active FTP, the control connection is initiated by the client, but the data connection is initiated by the server. The server connection can break if the server is behind a many to 1 NAT or the firewall that protects it only allows passive FTP connections. the symptoms of broken active FTP, is the ability to run all commands except PUT and GET.

    Browsers, by default, use passive FTP.

    From the Linux command line you can set passive FTP with this command:

    ftp> passive on
    In Windows:

    Last edited by dragonaire; 01-17-2007 at 06:31 AM.

Similar Threads

  1. Listing bandwidth use by process
    By trickster in forum Linux - Hardware, Networking & Security
    Replies: 4
    Last Post: 11-23-2005, 07:20 PM
  2. mail listing
    By bYTeGr4v3 in forum Linux - Hardware, Networking & Security
    Replies: 1
    Last Post: 12-17-2002, 12:38 AM
  3. Disabling directory listing with .htaccess
    By airhead in forum Linux - Hardware, Networking & Security
    Replies: 2
    Last Post: 12-01-2002, 09:06 PM
  4. listing file in *.tar.gz/*.tgz
    By Blaqb0x in forum Linux - Software, Applications & Programming
    Replies: 2
    Last Post: 11-03-2002, 04:29 AM
  5. Recent Posts Listing
    By bdl in forum Announcements and Suggestions
    Replies: 6
    Last Post: 09-15-2001, 10:07 PM


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts